package com.xtayfjpk.security;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

import org.junit.Test;

import com.xtayfjpk.security.utils.SecurityUtils;

public class HttpsURLConnectionTest {
	
	@Test
	public void request() throws Exception {
		String keyStorePath = "D:\\java-app\\apache-tomcat-6.0.35\\conf\\clientKeyStore.jks";
		//用这个也可以
		String trustStorePath = "D:\\java-app\\apache-tomcat-6.0.35\\conf\\clientTrustStore.jks";
		
		//对于客户端来说真正要配置的信赖Store里面包含 的应该是根证书，只要服务端给出的证书是客户端信赖根证书颁发(签名)的即可，信赖服务器证书也行
		String trustStorePath2 = "D:\\java-app\\apache-tomcat-6.0.35\\conf\\caKeyStore.p12";
		
		KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
		String password = "gitblit";
		KeyStore keyStore = SecurityUtils.getKeyStore(keyStorePath, "jks", password);
		keyManagerFactory.init(keyStore, password.toCharArray());
		
		TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		KeyStore trustKeyStore = SecurityUtils.getKeyStore(trustStorePath2, "pkcs12", password);
		trustManagerFactory.init(trustKeyStore);
		
		SSLContext sslContext = SSLContext.getInstance("TLS");
		
		KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
		KeyManager[] myKeyManagers = new KeyManager[keyManagers.length];
		String certAlias = "192.168.0.181";
		for(int i=0; i<keyManagers.length; i++) {
			myKeyManagers[i] = new MyAliasedX509ExtendKeyManager(certAlias, (X509KeyManager) keyManagers[i]);
		}
		
		
		System.out.println("key manager count:" + keyManagers.length);
		TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
		
		sslContext.init(myKeyManagers, trustManagers, new SecureRandom());
		SSLSocketFactory socketFactory = sslContext.getSocketFactory();
		
		URL url = new URL("https://localhost:8443/ssl.jsp");
		HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
		connection.setDoInput(true);
		connection.setDoOutput(true);
		connection.setSSLSocketFactory(socketFactory);
		System.out.println(connection);
		
		connection.getOutputStream().write(12);
		
		int len = connection.getContentLength();
		System.out.println(len);
		if(len!=-1) {
			BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
			String line = null;
			while((line=reader.readLine())!=null) {
				System.out.println(line);
			}
		}
		
		Certificate[] serverCertificates = connection.getServerCertificates();
		for(Certificate certificate : serverCertificates) {
			//System.out.println(certificate);
		}
		Certificate[] localCertificates = connection.getLocalCertificates();
		if(localCertificates!=null) {
			for(Certificate certificate : localCertificates) {
				//System.out.println(certificate);
			}
		}
		
	}
}
